Michael DiLeo
7327d77dcd
Add the redacted source file for demo purposes Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1 Co-authored-by: Michael DiLeo <michael_dileo@proton.me> Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
95 lines
2.2 KiB
YAML
95 lines
2.2 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: authentik-server
|
|
namespace: authentik-system
|
|
labels:
|
|
app.kubernetes.io/name: authentik
|
|
app.kubernetes.io/component: server
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: authentik
|
|
app.kubernetes.io/component: server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: authentik
|
|
app.kubernetes.io/component: server
|
|
spec:
|
|
serviceAccountName: authentik
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
containers:
|
|
- name: authentik
|
|
image: ghcr.io/goauthentik/server:2024.10.1
|
|
args: ["server"]
|
|
env: []
|
|
envFrom:
|
|
- secretRef:
|
|
name: authentik-database
|
|
- secretRef:
|
|
name: authentik-email
|
|
- secretRef:
|
|
name: authentik-secret-key
|
|
ports:
|
|
- name: http
|
|
containerPort: 9000
|
|
protocol: TCP
|
|
- name: metrics
|
|
containerPort: 9300
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /-/health/live/
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 30
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /-/health/ready/
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 30
|
|
volumeMounts:
|
|
- name: media
|
|
mountPath: /media
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 512Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
volumes:
|
|
- name: media
|
|
persistentVolumeClaim:
|
|
claimName: authentik-media
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: authentik-server
|
|
namespace: authentik-system
|
|
labels:
|
|
app.kubernetes.io/name: authentik
|
|
app.kubernetes.io/component: server
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 80
|
|
targetPort: http
|
|
protocol: TCP
|
|
name: http
|
|
- port: 9300
|
|
targetPort: metrics
|
|
protocol: TCP
|
|
name: metrics
|
|
selector:
|
|
app.kubernetes.io/name: authentik
|
|
app.kubernetes.io/component: server |